SecuritySpace - CVE-2014-4860

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2014-4860

Description: Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-4860
http://www.kb.cert.org/vuls/id/552286

CVE ID:	CVE-2014-4860
Description:	Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2014-4860 http://www.kb.cert.org/vuls/id/552286